This function is useful for authenticating website clients against local (or remote) Unix users.

I'd played around with Apache+PAM, various mod_auths and homebrewed shell programs and even NIS, but to authenticate a user against a Unix shadow file fundamentally requires root priviledges, so either your PHP script needs root or an external program needs it's sticky bit set. Both of these have *serious* security implications.

Using SSH, the overhead is obviously going to be greater but you're trusting a root service that's been (and continues to be) really well tested. Just try authing with SSH against localhost (or another host if you want).

Do not try to authenticate or log in more than once on a ssh2 connection. It won't work. You'll need a new connection via ssh2_connect() which will result in a poor performance if you're doing several connects to the same server.